Facebook is trialling a new
feature named “secret
conversations” its Messenger
app that offers users end-to-end
encryption. The company says
the feature is accessible right
now for a certain people, and
will become more widely
available this summer. Facebook
says activating end-to-end
encryption for select
conversations will give users
more privacy when discussing
sensitive topics such as health
issues and financial information.
“We’ve heard from you that there
are times when you want
additional safeguards,” said the
company in a blog post.
FACEBOOK’S
END-TO-
END
ENCRYPTION
WILL BE
OPT-IN
By introducing end-to-end
encryption to Messenger,
Facebook joins the growing
ranks of messaging apps
offering stronger safeguards
against surveillance. Facebook-
owned WhatsApp already
introduced this sort of
encryption back in April , but
applied it to all messages, rather
than on the conversation-by-
conversation basis preferred by
Messenger. (Like WhatsApp,
Messenger’s encryption will be
based on Open Whisper
System’s Signal Protocol.) This
tactic can be seen as less
antagonistic to law enforcement
and governments, as making the
extra security opt-in rather than
default-on means many users
will simply ignore it.
Facebook’s “secret
conversations” will only work
from one phone, tablet, or
computer selected by the user .
This way the company won’t
have to distribute unique
encryption keys to multiple
devices. Messages sent using
end-to-end encryption will also
be limited in format, and won’t
cover the likes of GIFs and
videos, at least not initially.
Users will have the option of
setting self-destruct timers on
messages, though, just like in
Snapchat.
End-to-end encryption does not
guarantee a message’s integrity,
but to intercept a conversation
protected in this way would
require a significant amount of
cooperation with law
enforcement. This level of
collaboration could lead to a
legal fight, in the same way that
Apple objected to the FBI’s
demands to unlock an iPhone
belonging to one of the San
Bernardino shooters. The
encryption might also get
Messenger banned in some
countries — as happened to
WhatsApp in Brazil earlier this
year.
THIS
ENCRYPTION
ISN’T 100%
SECURE,
BUT
BYPASSING
IT TAKES A
VERY
SOPHISTICATED
ATTACK
The new feature comes after
Facebook received criticism for
scanning and retaining links
shared in private messages.
Earlier in May, a lawsuit certified
for class action was filed against
the social network, alleging that
the company scans links shared
in Messenger to create
marketing data. And in June, a
security researcher noted that
Messenger’s link-scanning
protocol are relatively easy for
third-party Facebook developers
to snoop on . (That allegation
has also been leveled against
Twitter’s link-shortening
service.) However, any functional
end-to-end encryption would
make this sort of link-skimming
impossible.
These caveats aside, Facebook’s
introduction of end-to-end
encryption (even as an option) is
significant. The app has some
900 million users as of this
April , and combined with
WhatsApp processes a
mammoth 60 billion messages
every day. Facebook has also
positioned Messenger as a
platform in its own right, adding
functions such as chatbots
designed to keep users coming
back. Adding extra encryption to
such a widely-used platform will
be a boon for user privacy
worldwide.

Advertisements